As the UK is due to leave the EU in 2019, a new Data Protection Act has been passed, receiving Royal Assent on 23 May 2018, which enacts the GDPR in UK law, with some small changes. You can access full details of The Data Protection Act 2018 here.

The website of the Information Commissioner's Office includes some very useful information relating to GDPR, including addressing some of the myths.

European Patient Forum - The New EU Regulations on the Protection of Personal Data: what does it mean for patients? (29 March 2018)

IThe European Patients Forum have produced a useful document which outlines what the GDPR means from a patients’ perspective and how patients’ organisations can contribute to ensuring that patients’ rights to privacy, data sharing, and accessing their health data are implemented optimally.